CVSS v3
7.5
HIGH
EPSS Score
—
exploit probability
CISA KEV
No
known exploited
Exploitation
—
SSVC status
Improper restriction of XML external entity reference vulnerability in Netcad Software Inc. NetGIS allows Serialized Data External Linking. This issue affects NetGIS: from 5.0.66 before 7.2.2.
Improper restriction of XML external entity reference vulnerability in Netcad Software Inc. NetGIS allows Serialized Data External Linking. This issue affects NetGIS: from 5.0.66 before 7.2.2.
Active exploitation of CVE-2026-8396 has not been confirmed. The EPSS score is N/A%, indicating the estimated probability of exploitation in the next 30 days.
CVE-2026-8396 has a CVSS v3 base score of 7.5 (HIGH severity), with vector string 3.1.
Use isMalicious to check if any of your IPs or domains are associated with this vulnerability's IOCs.